$ rpki-client -vvf rpki.apnic.net/member_repository/A91CACCA/6086D7821DA911E2BB1B4EA408B02CD2/qZ9mmGknIBFUlstFlwLEOtxI1q0.mft File: qZ9mmGknIBFUlstFlwLEOtxI1q0.mft (raw, json) Hash identifier: ufVciWT71GFJUGiZ2xWV3GwB1VIYur9tBRxsmX9cjME= Subject key identifier: 1B:6E:23:8D:41:83:1A:FA:52:0E:69:3A:40:5F:DF:06:D9:8A:4A:29 Authority key identifier: A9:9F:66:98:69:27:20:11:54:96:CB:45:97:02:C4:3A:DC:48:D6:AD Certificate issuer: /CN=A91CACCA/serialNumber=A99F6698692720115496CB459702C43ADC48D6AD Certificate serial: 3494 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qZ9mmGknIBFUlstFlwLEOtxI1q0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CACCA/6086D7821DA911E2BB1B4EA408B02CD2/qZ9mmGknIBFUlstFlwLEOtxI1q0.mft Manifest number: 3494 Signing time: Mon 30 Jun 2025 15:18:25 +0000 Manifest this update: Mon 30 Jun 2025 15:18:25 +0000 Manifest next update: Mon 07 Jul 2025 15:18:25 +0000 Files and hashes: 1: qZ9mmGknIBFUlstFlwLEOtxI1q0.crl (hash: b5NS9xNNICCENB2+QDEoUEJ0PSC1R5h2JVh7fiKpVQE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CACCA/6086D7821DA911E2BB1B4EA408B02CD2/qZ9mmGknIBFUlstFlwLEOtxI1q0.crl rsync://rpki.apnic.net/member_repository/A91CACCA/6086D7821DA911E2BB1B4EA408B02CD2/qZ9mmGknIBFUlstFlwLEOtxI1q0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qZ9mmGknIBFUlstFlwLEOtxI1q0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 15:18:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13460 (0x3494) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CACCA, serialNumber=A99F6698692720115496CB459702C43ADC48D6AD Validity Not Before: Jun 30 15:18:25 2025 GMT Not After : Jul 7 15:18:25 2025 GMT Subject: CN=6862aac1-0004 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:77:f4:08:d5:e5:22:38:c6:19:4a:3a:a2:2a: 09:46:29:30:94:73:7a:0d:1f:68:e5:16:dd:9e:0a: 91:3c:44:6f:19:80:49:f4:70:75:a6:28:cb:e1:54: a0:93:72:5b:46:df:86:bf:c7:d4:6e:ac:2e:2b:e6: 50:1a:e3:21:1e:d9:4e:d7:5b:23:43:34:89:09:cc: 8b:df:71:27:a1:45:ad:e0:92:b8:42:d8:7d:5f:bf: ad:63:a4:c4:7f:38:8b:69:b0:59:8f:4b:c5:1d:a3: f7:14:8c:4e:9e:c3:bc:d8:10:2a:52:d3:e5:53:69: 0e:43:65:da:d2:10:90:18:98:de:ed:b2:41:4b:f2: 5f:2b:cf:88:11:f7:dd:6e:b8:9b:5c:ca:c8:d7:a7: 1f:75:1e:51:0d:22:94:0b:32:e9:24:cb:0c:91:4c: 52:98:6e:27:5a:da:54:4e:f1:73:aa:02:3e:f0:88: 13:1a:ef:e8:0f:bb:6d:47:d9:f7:76:ff:5f:ce:61: cc:76:67:59:ee:08:c7:50:ec:58:52:b0:63:7a:88: 29:a3:6b:7d:f8:c6:3f:35:30:3e:71:f9:8e:f8:97: 1c:86:32:47:5c:56:e8:f4:0f:38:62:30:02:81:81: ce:15:33:8a:ea:ba:d9:47:43:ee:96:3d:41:85:0b: 0b:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:6E:23:8D:41:83:1A:FA:52:0E:69:3A:40:5F:DF:06:D9:8A:4A:29 X509v3 Authority Key Identifier: keyid:A9:9F:66:98:69:27:20:11:54:96:CB:45:97:02:C4:3A:DC:48:D6:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CACCA/6086D7821DA911E2BB1B4EA408B02CD2/qZ9mmGknIBFUlstFlwLEOtxI1q0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qZ9mmGknIBFUlstFlwLEOtxI1q0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CACCA/6086D7821DA911E2BB1B4EA408B02CD2/qZ9mmGknIBFUlstFlwLEOtxI1q0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 04:dc:27:35:aa:ae:0d:d2:14:be:09:41:07:cf:69:7c:a3:38: e8:66:55:d3:36:e9:b2:ab:da:97:0e:b4:bf:66:82:0d:fa:5c: 4e:33:2c:9c:91:90:c6:96:e3:dc:8a:d1:38:51:17:04:45:8c: 98:04:13:2d:36:d2:7f:1f:24:ff:e3:c8:f4:a9:ed:93:8a:85: 8f:ef:4c:dd:59:e0:32:8a:bd:65:14:75:8f:f8:89:4e:1c:81: 50:08:6d:2e:0f:6c:a9:dd:5b:e2:21:d4:60:68:c1:b9:f4:95: 0b:46:52:80:f0:1c:65:4a:0f:49:9d:06:9f:67:27:57:0d:a9: b7:dd:bd:90:ef:de:f4:3b:52:d9:0b:eb:1f:e1:48:db:92:63: 2d:d0:de:82:7f:13:db:27:8d:f9:50:e0:94:cf:22:60:82:f4: 44:3d:fd:44:b4:60:77:11:bf:be:e5:95:7d:98:b9:0e:39:f1: 21:34:d4:c6:3f:c5:f7:9a:59:7f:34:90:17:ff:1c:57:e9:8e: dd:df:ea:31:46:3e:8a:56:9c:13:be:b5:fd:7f:b2:e9:ba:aa: 16:5e:89:60:81:3c:c9:c0:75:2c:68:3d:6b:bf:25:ae:a8:cb: 53:5f:4a:04:bc:a3:94:71:98:7d:a6:2e:9b:49:63:bb:89:5b: a2:34:83:5a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0FDQ0ExMTAvBgNVBAUTKEE5OUY2Njk4NjkyNzIwMTE1NDk2Q0I0NTk3MDJDNDNB REM0OEQ2QUQwHhcNMjUwNjMwMTUxODI1WhcNMjUwNzA3MTUxODI1WjAYMRYwFAYD VQQDEw02ODYyYWFjMS0wMDA0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA83f0CNXlIjjGGUo6oioJRikwlHN6DR9o5RbdngqRPERvGYBJ9HB1pijL4VSg k3JbRt+Gv8fUbqwuK+ZQGuMhHtlO11sjQzSJCcyL33EnoUWt4JK4Qth9X7+tY6TE fziLabBZj0vFHaP3FIxOnsO82BAqUtPlU2kOQ2Xa0hCQGJje7bJBS/JfK8+IEffd bribXMrI16cfdR5RDSKUCzLpJMsMkUxSmG4nWtpUTvFzqgI+8IgTGu/oD7ttR9n3 dv9fzmHMdmdZ7gjHUOxYUrBjeogpo2t9+MY/NTA+cfmO+JcchjJHXFbo9A84YjAC gYHOFTOK6rrZR0Pulj1BhQsLEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBtuI41B gxr6Ug5pOkBf3wbZikopMB8GA1UdIwQYMBaAFKmfZphpJyARVJbLRZcCxDrcSNat MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUNDQS82MDg2RDc4MjFE QTkxMUUyQkIxQjRFQTQwOEIwMkNEMi9xWjltbUdrbklCRlVsc3RGbHdMRU90eEkx cTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FaOW1tR2tuSUJGVWxzdEZsd0xFT3R4STFxMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QUNDQS82MDg2RDc4MjFEQTkxMUUyQkIxQjRFQTQwOEIwMkNEMi9xWjltbUdrbklC RlVsc3RGbHdMRU90eEkxcTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAE3Cc1qq4N0hS+CUEHz2l8ozjoZlXTNumyq9qXDrS/ZoIN+lxOMyyc kZDGluPcitE4URcERYyYBBMtNtJ/HyT/48j0qe2TioWP70zdWeAyir1lFHWP+IlO HIFQCG0uD2yp3VviIdRgaMG59JULRlKA8BxlSg9JnQafZydXDam33b2Q7970O1LZ C+sf4UjbkmMt0N6CfxPbJ435UOCUzyJggvREPf1EtGB3Eb++5ZV9mLkOOfEhNNTG P8X3mll/NJAX/xxX6Y7d3+oxRj6KVpwTvrX9f7LpuqoWXolggTzJwHUsaD1rvyWu qMtTX0oEvKOUcZh9pi6bSWO7iVuiNINa -----END CERTIFICATE-----Generated at Wed Jul 2 07:28:00 2025 by rpki-client